This add a new per-user state for an app, indicating whether
it is installed for that user.
All system apps are always installed for all users (we still
use disable to "uninstall" them).
Now when you call into the package manager to install an app,
it will only install the app for that user unless you supply
a flag saying to install for all users. Only being installed
for the user is just the normal install state, but all other
users have marked in their state for that app that it is not
installed.
When you call the package manager APIs for information about
apps, uninstalled apps are treated as really being not visible
(somewhat more-so than disabled apps), unless you use the
GET_UNINSTALLED_PACKAGES flag.
If another user calls to install an app that is already installed,
just not for them, then the normal install process takes place
but in addition that user's installed state is toggled on.
The package manager will not send PACKAGE_ADDED, PACKAGE_REMOVED,
PACKAGE_REPLACED etc broadcasts to users who don't have a package
installed or not being involved in a change in the install state.
There are a few things that are not quite right with this -- for
example if you go through a full install (with a new apk) of an
app for one user who doesn't have it already installed, you will
still get the PACKAGED_REPLACED messages even though this is
technically the first install for your user. I'm not sure how
much of an issue this is.
When you call the existing API to uninstall an app, this toggles
the installed state of the app for that user to be off. Only if
that is the last user user that has the app uinstalled will it
actually be removed from the device. Again there is a new flag
you can pass in to force the app to be uninstalled for all users.
Also fixed issues with cleaning external storage of apps, which
was not dealing with multiple users. We now keep track of cleaning
each user for each package.
Change-Id: I00e66452b149defc08c5e0183fa673f532465ed5
Create a new verifier API to extend the timeout for a giving package,
including the resulting action (allow or deny) upon the timeout occuring.
Bug: 6901038
Change-Id: I351f7944327f863aff1d7dd1227be74652fa1511
Introduce API to get per-user storage information, keep track
of services associated with users, and various small cleanup.
Change-Id: I5d4e784e7ff3cccfed627d66a090d2f464202634
This change passes the originating URL and accompanied referrer to
package verifiers, when available.
Bug: 6544677
Change-Id: I9ebc71bc13f549bd88267e444816151a99bda000
So each user can have their own set of intent resolution preferences.
ResolverActivity now launches the activity on the correct user, and
persists the preference for the correct user.
Bug: 6961905
Change-Id: I6d3a8a9af89bc649277d4fc8d0f367ee123f8392
PackageManagerService just needed to know the owner for this file, so
just use stat instead so we can remove the old JNI code.
This is the last user of FileUtils#getPermissions so just remove the
FileUtils method as well.
Change-Id: I953057cd6b9de4410f33b6f22e4bddff02fe2988
If the incoming request is to notify of storage unmounted, don't mess
with apps that are in internal ASECs.
Bug: 6948035
Change-Id: I63ffb895c4d994ee03a5a9bd6bb23f69c88e2a87
Moved a bunch of methods from PackageManager to UserManager.
Fix launching of activities from recents to correct user.
Guest creation APIs
Change-Id: I0733405e6eb2829675665e225c759d6baa2b708f
This change passes the originating URL and accompanied referrer to
package verifiers, when available.
Bug: 6544677
Change-Id: If9ff6663ad7f3426b7aea2aceb1413b689788138
Use raw arrays instead of ArrayList for data structures.
Temporarily includes a copy of the old intent resolver for
validating the new implementation.
Change-Id: I988925669b6686ac73b779be6cd6fe3a9fd86660
Label the vmdl.*\.tmp files and the final .apk file differently.
Modify the WallpaperManagerService to restorecon the wallpaper file.
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
Change-Id: Idfc056e9ec0508d7e11100626a7114f341f1af70
Changes to make Bluetooth Service part of the system_service.
These changes may be temporary.
Changes to update to the new disable API.
Change-Id: If89dba17e6e6c6daa53c37684221763a2da076e9
Conflicts:
services/java/com/android/server/pm/PackageManagerService.java
The package manager calls to clear data / clear cache were not also
having default container service clear the data on external storage. Now
they do.
Change-Id: Ib5e5eb6adf2cac5a4cc094cc1a02ac8cfb6a2edf
When adding an system app via OTA, trying to remove it from mPackages
directly doesn't work. The ContentProviders and other things aren't
removed and point to the hidden system app's applicationInfo instead of
the updated app.
Bug: 6685263
Change-Id: I487cf518e0e3c60fae736e9b974617023a7dee8d
...for a smoother OOB experience
Way provided.
Put your defaults in system/etc/preferred-apps/*.xml.
Figure out what to put there with "adb shell dumpsys package preferred-xml".
Bug: 6680894
Change-Id: Ia06bb0061876274a5f80bf06d1ba5ad155edc323
...mismatched uid: X on disk, Y in settings" errors on Froyo and Gingerbread
Deal more gracefully with the uid changing in three ways:
1. If the uid on disk has become root, then have installd change it to
the application's uid. This is to correct a potential case where
installd was interrupted while linking or unlinking the libs dir,
during which it temporarily changes the owner of the dir to root
so that a malicious app can not get in its way. So if the uid on
disk has become root, we assume we can safely just change it back
to the correct uid.
2. When scaning packages at boot, use the same "delete and rebuild data
directory" code for third party applications as we have for system
applications. This allows us to at least end up in a state where the
app will run, even if its data is lost.
3. But we really don't want to get in to case 2, so if an application
update is being installed and we find that the uid we now have for
the app is different than the one on disk, fail the update. This will
protect against for example a developer changing the sharedUserId of
their app and getting into this bad state.
Bug: 6295373
Change-Id: Ic802fdd818ac62449ff3c61d1fff1aa4d4942f39
Forward-locked apps are mostly in ASEC containers now, so the
containers need to be measured as well.
Bug: 6606390
Change-Id: I69e9fe47aabe1e130568779a45fe8000b3ce9d4c
When media packages were loaded, they would lose their forward-locked
status since the flags covering it was not available when the
doPostInstall step was called.
Bug: 6611980
Change-Id: I807fcec6b61cedf7654808b704fba7de9c7c1922
The old style forward-locked apps were in a directory called
/data/app-private but the new style forward-locked apps are in ASEC
containers. This made the upgrade path confused and it wouldn't
correctly generate the InstallArgs to delete the old file.
Bug: 6619438
Change-Id: If4323fa8701d9fc653998f5db58670b4124b9e87
When app verfication is enabled and the verifier times out, allow
PackageManagerService to continue with the installation.
Bug: 6531120
Change-Id: Ic6aef755af92588e8887c918b70fb195c683b24c
Pending install list is cleared if there is an error connecting to DCS,
so don't try to remove each pending install in the loop.
Change-Id: I736114878ad92136c3b8a3ca27a1f058adaba395
Move MountService up the list, then pause waiting for MountService to
finish scanning ASECs before the services that require those packages to
be ready.
Additionally, don't automatically mark all ASEC apps as FLAG_EXTERNAL on
reboot. This prevents AppWidgets and other things from being used with
ASECs which are on internal storage.
Bug: 6445613
Change-Id: I3e0b3e244fec966814d7a5ea93de5d337aea79bd
Change the thread priority for all disk measurement and statfs calls to
background priority.
Also move the measurement fully into the measurement task since it makes
more sense.
Bug: 6332097
Change-Id: Iafc2151313ad9b14117daf67e933dccd32f68d54
